ACLs and hgweb?

Ezra.Smith at bentley.com
Wed Feb 27 13:10:26 CST 2008


We're running on a Windows network here, and we've found that the best
way to integrate Mercurial with our current access control setup was to
use filesystem permissions and repository hooks. Hgweb already works
well with filesystem permissions by default. If a user can't read a
directory, it doesn't show up on the web interface.

To handle pushes and pulls more elegantly, we wrote some Python scripts
that get called from prechangegroup and preoutgoing hooks. For any user
trying to push/pull/clone a repository, a hook will find out what groups
the user belongs to, match them against groups that have read or write
access to the repository, and proceed accordingly.

In short...it's a pretty flexible system, and if you can write some
Python hooks, you can base your push/pull access control off of just
about anything.

It's really easy to work with now that we have it set up. To change a
repository's access controls, all we have to do is change its
permissions in the filesystem, and that lets us control everything with
ActiveDirectory groups.
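The hook arrangement described above, as an added example rather than the poster's own scripts: a prechangegroup hook requiring write access and a preoutgoing hook requiring read access, deciding from the user's group memberships. The policy table and the user-to-group lookup are constructed stand-ins for the filesystem permissions and Active Directory queries the post mentions, and a hook returns a truthy value to abort the operation.

```python
# Wire into a repository's .hg/hgrc (paths assumed):
#   [hooks]
#   prechangegroup.acl = python:/srv/hg/acl_hook.py:prechangegroup
#   preoutgoing.acl    = python:/srv/hg/acl_hook.py:preoutgoing
import getpass
import os

# Constructed policy: repo directory name -> groups with read/write access.
POLICY = {
    "core": {"read": {"Developers", "Auditors"}, "write": {"Developers"}},
    "payroll": {"read": {"Finance"}, "write": {"Finance"}},
}

# Constructed stand-in for a directory lookup (Active Directory in practice).
USER_GROUPS = {
    "alice": {"Developers"},
    "bob": {"Auditors"},
    "carol": {"Finance", "Developers"},
}


def groups_for(user):
    return USER_GROUPS.get(user, set())


def is_allowed(user, repo_name, mode):
    """True if `user` holds a group granting `mode` ('read'/'write') on repo."""
    rules = POLICY.get(repo_name)
    if rules is None:
        return False  # unknown repository: deny by default
    return bool(groups_for(user) & rules.get(mode, set()))


def remote_user(ui):
    # Under hgweb the authenticated name arrives as REMOTE_USER; over SSH the
    # hook runs as the local account, so fall back to that.
    return ui.environ.get("REMOTE_USER") or getpass.getuser()


def _check(ui, repo, mode, hooktype):
    user = remote_user(ui)
    name = os.path.basename(repo.root)  # policy is keyed by repo directory
    if is_allowed(user, name, mode):
        return False  # falsy return: let the operation proceed
    ui.warn("%s: %s lacks %s access to %s\n" % (hooktype, user, mode, name))
    return True  # truthy return: Mercurial aborts the push/pull


def prechangegroup(ui, repo, hooktype, **kwargs):
    """Incoming changesets (push) require write access."""
    return _check(ui, repo, "write", hooktype)


def preoutgoing(ui, repo, hooktype, **kwargs):
    """Serving changesets (pull/clone) requires read access."""
    return _check(ui, repo, "read", hooktype)
```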

-----Original Message-----
From: mercurial-bounces at selenic.com
[mailto:mercurial-bounces at selenic.com] On Behalf Of Jeff Abbott
Sent: Wednesday, February 27, 2008 1:02 PM
To: Mercurial Mailing List
Subject: ACLs and hgweb?

Folks,

I'm evaluating whether or not Mercurial could replace our existing 
Subversion-based workflow, and the largest question that's come up is 
with access control.

We take great advantage of Subversion's authorization facilities with 
mod_authz_svn, and the ability of ViewVC to use that same authorization 
file to determine who should and shouldn't be able to see portions of 
the repository over the web.  It looks like we could accomplish what we 
largely need to accomplish with hgweb (and providing people access to 
the repositories via HTTPS), but that doesn't take care of access 
controls.  Also, the acl extension doesn't appear to work with hgweb, 
and while I'm not completely opposed to providing SSH repo access with 
hgsh to prevent people from having full shell access to the server, that
wouldn't stop them from browsing whatever they want to browse through 
the web.

Does anyone on the mailing list have any suggestions?  Basically, what I
need is the ability to restrict read and write access for users and 
groups to different repositories on the server.  Ideally I'd also like 
for that same authorization source to apply to the web interface, though
that's not a /strict/ requirement.  Thoughts?

Thanks,
Jeff
_______________________________________________
Mercurial mailing list
Mercurial at selenic.com
http://selenic.com/mailman/listinfo/mercurial
